Episode 46

The FBI web portal sent a fake cyber alert to thousands, and to Brian Krebs, who interviewed the hacker.

FBI Hacked Spams Thousands

Every day Big Tech and Mass Media make it hard to find out what is going on with the internet. The suppression of information is a danger to all of us. Social media attempts to shape news and information by over-amplification of disinformation. This podcast hopes to give information and provide insights from 
 
 


Follow me on Twitter

@trip_elix

 

Hoax Email Blast Abused Poor Coding in FBI Website

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities.

https://krebsonsecurity.com/2021/11/hoax-email-blast-abused-poor-coding-in-fbi-website/

FBI messaging system hacked to send fake cybersecurity warnings

Hackers have targeted Federal Bureau of Investigation (FBI) mail servers, sending thousands of fake messages saying their recipients have become the victims of a “sophisticated chain attack,” first reported by Bleeping Computer. The emails were originally discovered by The Spamhaus Project, a nonprofit organization that investigates email spammers.

https://goodwordnews.com/fbi-messaging-system-hacked-to-send-fake-cybersecurity-warnings/

ABOUT EMAIL HEADERS

This tool will make email headers human readable by parsing them according to RFC 822. Email headers are present on every email you receive via the Internet and can provide valuable diagnostic information like hop delays, anti-spam results and more. If you need help getting copies of your email headers, just read this tutorial.

https://mxtoolbox.com/EmailHeaders.aspx

FBI Statement on Incident Involving Fake Emails

The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners. While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network.

https://www.fbi.gov/news/pressrel/press-releases/fbi-statement-on-incident-involving-fake-emails

Kevin Beaumont
@GossiTheDog
This is an example email being sent via FBI notification. It is not real.

https://pbs.twimg.com/media/FEED6BrXMAQ7kvP?format=jpg&name=small

About The Host

Trip Elix

Trip Elix is an author, podcaster and video personality. Over the last 30 years, he has worked as a security analyst and privately as a consultant, investigator, forensic technician, and skip tracer. He is the author of books and gives talks on security and privacy.
